Main Vulnerability Database Exploits ID:11490 - Exploit for Integer overflow in PHP - CVE-2016-3078

ID:11490 - Exploit for Integer overflow in PHP - CVE-2016-3078

Published: June 8, 2025

Vulnerability identifier: #VU110257

Vulnerability risk: High

CVE-ID: CVE-2016-3078

CWE-ID: CWE-190

Exploitation vector: Remote access

Vulnerable software:
PHP

Link to public exploit:

https://www.exploit-db.com/exploits/39742/

Vulnerability description

The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.

Multiple integer overflows in php_zip.c in the zip extension in PHP before 7.0.6 allow remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted call to (1) getFromIndex or (2) getFromName in the ZipArchive class.

Remediation

Install update from vendor's website.

ID:11490 - Exploit for Integer overflow in PHP - CVE-2016-3078

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human